Microsoft Warns Over New Exploit

Microsoft disclosed over the weekend that exploit code for a recently patched flaw in Routing and Remote Access had been published to the Internet. The vulnerability had been patched in June's Patch Tuesday release, and the company was not aware of any attacks using the exploit.

Those who have applied the MS06-025 patch are immune to the exploit, according to a Microsoft investigation. Additionally, the flaw is easiest to exploit in Windows 2000; on Windows XP Service Pack 2, Windows Server 2003 and Windows Server 2003 Service Pack 1, an attacker would need logon credentials.

"The MSRC is monitoring this situation to keep customers informed and to provide customer guidance as necessary," Stephen Toulouse of the Microsoft Security Research Center said. He recommended that all users apply the patch as soon as possible.

MS06-025 was updated Tuesday to fix a problem with legacy dial-up connections that use a terminal window or dial-up scripting. Users who have already installed the patch and were not affected by the problem do not need to reinstall it.

Microsoft said it would continue to monitor the situation and provide further information as necessary. However, it expressed concern at how the vulnerability was disclosed.

"Microsoft is disappointed that certain security researchers have breached the commonly accepted industry practice of withholding vulnerability data so close to update release and have published exploit code, potentially harming computer users," the company said in an advisory.

"We continue to urge security researchers to disclose vulnerability information responsibly and allow customers time to deploy updates so they do not aid criminals in their attempt to take advantage of software vulnerabilities," it continued.


© 1998-2024 BetaNews, Inc. All Rights Reserved.